Crate self_encryption [−] [src]
A file content self encryptor
This library will provide convergent encryption on file based data and produce a DataMap
type
and several chunks of data. Each chunk is max 1Mb in size and has a name. This name is the
Sha512
of the content, this allows the chunks to be confirmed. If size and hash
checks are utilised, a high degree of certainty in the validity of the data can be expected.
Use
To use this lib you must implement a trait with two functions, these are to allow get_chunk
and put_chunk
from storage. This must be set up by implementing the Storage trait (see below);
The trait can allow chunks to be stored in a key value store, disk, vector (as per example below), or a network based DHT.
Examples
This is a simple setup for a memory based chunk store. A working implementation can be found in the test crate of this project.
extern crate self_encryption; use std::sync::{Arc,Mutex}; struct Entry { name: Vec<u8>, data: Vec<u8> } struct MyStorage { entries: Arc<Mutex<Vec<Entry>>> } impl MyStorage { fn new() -> MyStorage { MyStorage { entries: Arc::new(Mutex::new(Vec::new())) } } fn has_chunk(&self, name: Vec<u8>) -> bool { let lock = self.entries.lock().unwrap(); for entry in lock.iter() { if entry.name == name { return true } } false } } impl self_encryption::Storage for MyStorage { fn get(&self, name: Vec<u8>) -> Vec<u8> { let lock = self.entries.lock().unwrap(); for entry in lock.iter() { if entry.name == name { return entry.data.to_vec() } } vec![] } fn put(&self, name: Vec<u8>, data: Vec<u8>) { let mut lock = self.entries.lock().unwrap(); lock.push(Entry { name : name, data : data }) } }
Use of this setup would be to implement a self encryptor e.g let mut se = SelfEncryptor::new(my_storage, datamap::DataMap::None);
Then call write (and read after write)…etc… on the encryptor. The close()
method will return
a DataMap
. This can be passed to create a new encryptor to access the content let data_map = se.close();
This is then used to open the data content in future sessions; e.g. let mut self_encryptor = SelfEncryptor::new(my_storage, data_map);
where the data_map
is the object returned
from the close()
call of previous use of this file content via the self_encryptor. Storage of
the DataMap
is out with the scope of this library and must be implemented by the user.
Modules
datamap |
Information required to recover file content from chunks. |
encryption |
Structs
SelfEncryptor |
This is the encryption object and all file handling should be done using this object as the low level mechanism to read and write content. This library has no knowledge of file metadata. This is a library to ensure content is secured. |
Constants
MAX_CHUNK_SIZE |
MAX_CHUNK_SIZE defined as 1MB. |
MIN_CHUNK_SIZE |
MIN_CHUNK_SIZE defined as 1KB. |
Traits
Storage |
Storage traits of SelfEncryptor. Data stored in Storage is encrypted, name is the SHA512 hash of content. Storage can be in-memory HashMap or disk based |
Functions
xor |
Helper function to XOR a data with a pad (pad will be rotated to fill the length) |